Two years of work by the plant security working group of the Netherlands-based WIB International Instrument Users' Association plant security working group has resulted in the announcement of the industry's first completed international "Process Control Domain-Security Requirement for Vendors" of process automation and control products and services.
The working group included representatives from the Dutch National Infrastructure against CyberCrime (NICC), Dow, DSM, DuPont, AkzoNobel, Aramco Overseas, Shell, Canadian cybersecurity leader Wurldtech Security Technologies, Invensys Operations Management and HIMA. The new security standard will be supported by a certification program being developed by Wurldtech. As a result, multinational end users such as Shell are expected to mandate the certification while government agencies such as NICC are expected to help drive its adoption internationally. More information on the standard is available from www.wib.nl.
Meanwhile, on the other side of the pond, the LOGIIC (Linking the Oil and Gas Industry to Improve Cybersecurity) Consortium has been formally established under the auspices of the Automation Federation. Membership inicludes a number of large oil and gas companies operating significant global energy infrastructure including BP, Chevron, Shell and Total. LOGIIC, which is a collaborative effort between the oil and gas companies and the Science and Technology Directorate of the U.S. Department of Homeland Security, aims to improve the cybersecurity of the industry's digital control systems through collaborative research and development projects. The Automation Federation serves as the host organization, while member companies contribute financially and technically and through the provision of personnel. The Department of Homeland Security has contracted with SRI International to provide scientific and technical guidance as well as project management.
LOGIIC's first project aims at evaluating and improving the security implications of the increasing trend for Safety Instrumented Systems (SISs) to be closely integrated with process control systems. Shell's Ted Angevaare, who chairs the LOGIIC Executive Committee, describes it as "a model example of how leading industry organizations can team with government in a public-private partnership to ensure the security and safety of the automation systems that are crucial to our critical infrastructures."
More information on LOGIIC from www.logiic.org.
